← 返回 Skills 市场
260
总下载
0
收藏
2
当前安装
4
版本数
在 OpenClaw 中安装
/install feishu-send
功能描述
飞书发送图片/文件/语音。用 curl 调用飞书 API 发送,比 message 工具更可靠。用于需要发送图片、文件、语音到飞书时触发。
使用说明 (SKILL.md)
Feishu Send
用 exec + curl 调用飞书 API 发送图片、文件、语音。
凭证读取规则
优先读:当前 agent 名字对应的 account 配置
防错读:如果读不到,用 main 账户
调用时通过环境变量注入 agent 名字:
AGENT_NAME=main
统一获取凭证
# 从 openclaw.json 读取飞书凭证
# 优先读 AGENT_NAME 对应的 account,读不到则用 main 作为 fallback
get_feishu_creds() {
local agent_name="${AGENT_NAME:-main}"
local config_file="$HOME/.openclaw/openclaw.json"
local app_id app_secret
# 尝试读取当前 agent 的 account
app_id=$(python3 -c "
import json, sys
c = json.load(open('$config_file'))
accounts = c.get('channels', {}).get('feishu', {}).get('accounts', {})
# 先尝试 agent 名
if '$agent_name' in accounts:
print(accounts['$agent_name'].get('appId', ''))
elif 'main' in accounts:
print(accounts['main'].get('appId', ''))
else:
print('')
" 2>/dev/null)
app_secret=$(python3 -c "
import json, sys
c = json.load(open('$config_file'))
accounts = c.get('channels', {}).get('feishu', {}).get('accounts', {})
if '$agent_name' in accounts:
print(accounts['$agent_name'].get('appSecret', ''))
elif 'main' in accounts:
print(accounts['main'].get('appSecret', ''))
else:
print('')
" 2>/dev/null)
echo "$app_id $app_secret"
}
# 用法:读取凭证
read -r APP_ID APP_SECRET \x3C\x3C\x3C "$(get_feishu_creds)"
统一获取 Token
TOKEN=$(curl -s -X POST 'https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal' \
-H 'Content-Type: application/json' \
-d "{\"app_id\":\"$APP_ID\",\"app_secret\":\"$APP_SECRET\"}" \
| python3 -c "import json,sys; print(json.load(sys.stdin)['tenant_access_token'])")
发送图片
Step 1: 获取凭证
read -r APP_ID APP_SECRET \x3C\x3C\x3C "$(get_feishu_creds)"
Step 2: 获取 token
TOKEN=$(curl -s -X POST 'https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal' \
-H 'Content-Type: application/json' \
-d "{\"app_id\":\"$APP_ID\",\"app_secret\":\"$APP_SECRET\"}" \
| python3 -c "import json,sys; print(json.load(sys.stdin)['tenant_access_token'])")
Step 3: 上传图片获取 image_key
IMAGE_KEY=$(curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/images' \
-H "Authorization: Bearer $TOKEN" \
-F "image_type=message" \
-F "image=@/path/to/image.png" \
| python3 -c "import json,sys; print(json.load(sys.stdin)['data']['image_key'])")
Step 4: 发送图片消息
# 发到群聊
curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=chat_id' \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"receive_id\":\"$CHAT_ID\",\"msg_type\":\"image\",\"content\":\"{\\\"image_key\\\":\\\"$IMAGE_KEY\\\"}\"}"
# 发给个人(需要 open_id)
curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=open_id' \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"receive_id\":\"$OPEN_ID\",\"msg_type\":\"image\",\"content\":\"{\\\"image_key\\\":\\\"$IMAGE_KEY\\\"}\"}"
支持格式: JPEG, PNG, WEBP, GIF, TIFF, BMP, ICO
发送文件
Step 1-2: 同上获取 token
Step 3: 上传文件获取 file_key
FILE_KEY=$(curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/files' \
-H "Authorization: Bearer $TOKEN" \
-F "file_type=stream" \
-F "file_name=xxx.zip" \
-F "file=@/path/to/file.zip" \
| python3 -c "import json,sys; print(json.load(sys.stdin)['data']['file_key'])")
Step 4: 发送文件消息
curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=chat_id' \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"receive_id\":\"$CHAT_ID\",\"msg_type\":\"file\",\"content\":\"{\\\"file_key\\\":\\\"$FILE_KEY\\\"}\"}"
发送语音
Step 1-2: 同上获取 token
Step 3: 上传音频获取 file_key
FILE_KEY=$(curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/files' \
-H "Authorization: Bearer $TOKEN" \
-F "file_type=opus" \
-F "file_name=xxx.opus" \
-F "file=@/path/to/audio.opus" \
| python3 -c "import json,sys; print(json.load(sys.stdin)['data']['file_key'])")
Step 4: 发送语音
curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=chat_id' \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"receive_id\":\"$CHAT_ID\",\"msg_type\":\"audio\",\"content\":\"{\\\"file_key\\\":\\\"$FILE_KEY\\\",\\\"duration\\\":$DURATION}\"}"
完整示例
发送一张图片到飞书群:
# agent 名字(调用前设置)
AGENT_NAME=main
# Step 1: 读取凭证
read -r APP_ID APP_SECRET \x3C\x3C\x3C "$(get_feishu_creds)"
# Step 2: 获取 token
TOKEN=$(curl -s -X POST 'https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal' \
-H 'Content-Type: application/json' \
-d "{\"app_id\":\"$APP_ID\",\"app_secret\":\"$APP_SECRET\"}" \
| python3 -c "import json,sys; print(json.load(sys.stdin)['tenant_access_token'])")
# Step 3: 上传图片
IMAGE_KEY=$(curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/images' \
-H "Authorization: Bearer $TOKEN" \
-F "image_type=message" \
-F "image=@/tmp/screenshot.png" \
| python3 -c "import json,sys; print(json.load(sys.stdin)['data']['image_key'])")
# Step 4: 发送
CHAT_ID="oc_87d0d49f1f81f9e1b8dd1d5ad5f9ec72"
curl -s -X POST 'https://open.feishu.cn/open-apis/im/v1/messages?receive_id_type=chat_id' \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"receive_id\":\"$CHAT_ID\",\"msg_type\":\"image\",\"content\":\"{\\\"image_key\\\":\\\"$IMAGE_KEY\\\"}\"}"
注意事项
- ❌ 不要用
message工具的发图片/文件功能 —— 会变成路径或失败 - ✅ 用 exec + curl 方式稳定可靠
- ✅ 调用前设置
AGENT_NAME环境变量,不设置则默认读 main - ✅ 自动 fallback:如果 AGENT_NAME 对应的 account 不存在,用 main 账户
- ✅ token 有有效期,不用每次操作都重新获取
安全使用建议
This skill appears to do what it says, but it reads your OpenClaw agent config (~/.openclaw/openclaw.json) and expects an AGENT_NAME env var even though the registry metadata doesn't declare these requirements. Before installing or enabling it: (1) inspect ~/.openclaw/openclaw.json to see what credentials would be accessible and whether using the 'main' fallback could expose unrelated app secrets; (2) set AGENT_NAME explicitly to avoid accidental use of the main account; (3) run the snippets in a safe/test environment to confirm behavior; (4) ask the publisher to update metadata to declare required config paths and binaries (curl, python3) and to remove or make explicit the fallback-to-main behavior; (5) if you cannot verify the config contents, avoid granting this skill access to your production environment.
功能分析
Type: OpenClaw Skill
Name: feishu-send
Version: 1.2.0
The skill bundle provides instructions and shell commands for an AI agent to send images, files, and voice messages via the official Feishu API (open.feishu.cn). It includes logic in SKILL.md to retrieve API credentials from the local OpenClaw configuration file (~/.openclaw/openclaw.json) and manage authentication tokens. The code and instructions are transparent, align with the stated purpose, and do not exhibit signs of malicious intent or unauthorized data exfiltration.
能力评估
Purpose & Capability
The skill claims only Feishu send functionality, which is consistent with the curl calls. However the metadata declares no required config paths or env vars while the runtime instructions explicitly read $HOME/.openclaw/openclaw.json for appId/appSecret and expect AGENT_NAME; that mismatch (undeclared config access and env usage) is disproportionate to the manifest.
Instruction Scope
SKILL.md instructs the agent to read ~/.openclaw/openclaw.json (potentially exposing other stored channel credentials), to use AGENT_NAME (env var) with a fallback to 'main', and to invoke external HTTP endpoints. Reading a local agent config is outside a minimal 'send via Feishu' description unless explicitly declared; fallback to main increases risk of using unrelated credentials.
Install Mechanism
This is an instruction-only skill (no install spec), which is low-risk in itself. However the runtime requires curl and python3 (used in the provided shell snippets) but the registry metadata did not declare required binaries — an omission that should be corrected.
Credentials
Although the skill legitimately needs Feishu app_id/app_secret, those are obtained by reading a local openclaw.json file rather than declaring a specific credential input. The skill also uses AGENT_NAME env var (not declared). Accessing a general config file may expose multiple accounts; the fallback-to-main behavior can cause unintended use of broader credentials.
Persistence & Privilege
The skill does not request permanent presence (always:false), does not modify other skills or system-wide settings, and has no install steps that write code to disk. Autonomous invocation is allowed by platform default but is not combined here with other privilege escalations.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install feishu-send - 安装完成后,直接呼叫该 Skill 的名称或使用
/feishu-send触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.2.0
Replace hardcoded /home/axelhu/.openclaw with portable $HOME/.openclaw
v1.1.0
Remove hardcoded credentials. Dynamic account lookup with AGENT_NAME fallback to main.
v1.0.1
- Initial release of feishu-send skill for sending files, images, and voice messages to Feishu groups or users via API.
- Uses curl commands to authenticate, upload and send messages, solving known bugs in OpenClaw's message tool for file/image delivery.
- Supports sending JPEG, PNG, WEBP, GIF, TIFF, BMP, ICO images; generic files; and OPUS audio with duration.
- Reads sensitive config (APP_ID, APP_SECRET, chat ID) from context at runtime.
- Includes troubleshooting for common errors such as token, upload, or send failures.
v1.0.0
初始版本
元数据
常见问题
Feishu Send 是什么?
飞书发送图片/文件/语音。用 curl 调用飞书 API 发送,比 message 工具更可靠。用于需要发送图片、文件、语音到飞书时触发。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 260 次。
如何安装 Feishu Send?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install feishu-send」即可一键安装,无需额外配置。
Feishu Send 是免费的吗?
是的,Feishu Send 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Feishu Send 支持哪些平台?
Feishu Send 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Feishu Send?
由 AxelHu(@axelhu)开发并维护,当前版本 v1.2.0。
推荐 Skills